Quote:McDonald’s UK Monopoly VIP game kicked off at the end of August, and a recent round of emails sent to winners of the game’s various prizes included more than a coupon for free fries. The franchise accidentally inserted passwords for a McDonald’s server that hosted information tied to the UK Monopoly VIP game.
In the wrong hands, these credentials could have been abused to rip off players or cheat the game on a massive scale, according to experts. The gaff was spotted by researcher Troy Hunt, along with some tech-savvy winners who realized what they had.
McDonald’s said it quickly changed the server passwords when it the error was brought to its attention.
Human error, warn cybersecurity experts, is nearly impossible to mitigate against, Mohit Tiwari, CEO of Symmetry Systems told Threatpost. He said the incident should serve as a public example to firms to identify and lock down large deposits of customer data and employ zero-trust solutions. “Modern data-store security products bring zero-trust principles to data, ensuring that there is no one point of failure and that risk-based controls monitor every access to crown-jewel data,” Tiwari said.
Read more: McDonald’s Email Blast Includes Password to Monopoly Game Database | Threatpost
![[-]](https://www.geeks.fyi/images/collapse.png)
